Published: 09/05/2014 Updated: 06/09/2016

CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10

VMScore: 515

Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P

The prefetch implementation in named in ISC BIND 9.10.0, when a recursive nameserver is enabled, allows remote malicious users to cause a denial of service (REQUIRE assertion failure and daemon exit) via a DNS query that triggers a response with unspecified attributes.

Vulnerable Product	Search on Vulmon	Subscribe to Product
isc bind 9.10.0

The prefetch implementation in named in ISC BIND 9100, when a recursive nameserver is enabled, allows remote attackers to cause a denial of service (REQUIRE assertion failure and daemon exit) via a DNS query that triggers a response with unspecified attributes ...

For each available CPE the script prints out known vulns (links to the correspondent info) and correspondent CVSS scores.

nmap -sV --script vulners [--script-args mincvss=<arg_val>] <target>

53/tcp   open     domain             ISC BIND DNS
| vulners:
|   ISC BIND DNS:
|     CVE-2012-1667    8.5    https://vulners.com/cve/CVE-2012-1667
|     CVE-2002-0651    7.5    https://vulners.com/cve/CVE-2002-0651
|     CVE-2002-0029    7.5    https://vulners.com/cve/CVE-2002-0029
|     CVE-2015-5986    7.1    https://vulners.com/cve/CVE-2015-5986
|     CVE-2010-3615    5.0    https://vulners.com/cve/CVE-2010-3615
|     CVE-2006-0987    5.0    https://vulners.com/cve/CVE-2006-0987
|_    CVE-2014-3214    5.0    https://vulners.com/cve/CVE-2014-3214

CWE-20 https://kb.isc.org/article/AA-01161 http://www.securitytracker.com/id/1030214 http://security.gentoo.org/glsa/glsa-201502-03.xml https://nvd.nist.gov https://access.redhat.com/security/cve/cve-2014-3214 https://nmap.org/nsedoc/scripts/vulners.html

CVE-2014-3214

Vulnerability Summary

Vendor Advisories

Nmap Scripts

References

Vulmon Search

About

Products

Connect